Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 3 Feb 2017 08:20:31 -0800
From: David Tomaschik <david@...temoverlord.com>
To: john-users@...ts.openwall.com
Subject: Dynamic Hashes and SaltLen

Using the latest bleeding-jumbo, if I define a dynamic format like this:

[List.Generic:dynamic_1600]
Expression=md5($p.$u)
Flag=MGF_USERNAME
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_keys
Func=DynamicFunc__append_userid
Func=DynamicFunc__crypt_md5
Test=$dynamic_1600$7f409a7c046daea1c2c60502d7e2becc:pass:user

I get an error:

Error invalid format dynamic_1600
It is required to add SaltLen= to the script, for this format

This appears to be because MGF_USERNAME implies MGF_SALTED (undocumented
unless you read the source) and the test here:
https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/src/dynamic_fmt.c#L7867
.

Since this format has no salt (as I understand the term salt, but it
appears MGF_SALTED means "the hash depends on a per-hash input") what is
the appropriate value for SaltLen?  -1?

What practical impact does SaltLen have in this case?  The documentation
seems to indicate it's used only to verify hashes when reading the input
file.

David


--
David Tomaschik
OpenPGP: 0x5DEA789B
https://systemoverlord.com
david@...temoverlord.com

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.